Design and Analysis of an Integral Sliding Mode Fault-Tolerant Control Scheme

IEEE TRANSACTIONS ON AUTOMATIC CONTROL, VOL. 57, NO. 7, JULY 2012 1783

Design and Analysis of an Integral Sliding ModeFault-Tolerant Control Scheme

Mirza Tariq Hamayun, Christopher Edwards, and Halim Alwi

Abstract—A novel scheme for fault-tolerant control is proposed in thispaper, in which integral sliding mode ideas are incorporated with controlallocation to cope with the total failure of certain actuators, under the as-sumption that redundancy is available in the system. The proposed schemeuses the effectiveness level of the actuators to redistribute the control sig-nals to healthy actuators without reconfiguring the controller. The effec-tiveness of the proposed scheme against faults or failures is tested in simu-lation based on a large transport aircraft model.

Index Terms—Fault-tolerant control (FTC), integral sliding modes(ISM), linear matrix inequalities (LMIs).

I. INTRODUCTION

The challenges of ensuring safety, in critical systems such as aircraftand chemical plant has motivated the need for fault-tolerant control(FTC) and has stimulated research in this area. Survey papers such as[1] highlight recent work in the area of FTC and discuss the various ap-plication areas. One of the important elements necessary for achievingFTC, is the availability of redundant actuators. This provides increasedfreedom in terms of controller design to mitigate the effects of faultsand failures. For over actuated systems such as aircraft, this require-ment is easily satisfied. Although these “redundant” actuators are oftendesigned for different purposes, in the event of an emergency (such asfaults or failures to the primary actuators), they can be used to retainsatisfactory performance1.

This paper is concerned with the development of fault-tolerant con-trollers for a class of over-actuated linear systems. The redundancy inthe over-actuated system will be exploited to achieve tolerance to aspecified class of faults/failures, which includes the possibility of totalfailure to certain primary actuators. Unlike some other schemes in theliterature, it is not assumed that the redundancy takes the form of purereplication of certain actuators, and exploits instead the inherent cou-pling typically present in multi-variable systems. The precise class oftotal actuator failure which can be accommodated is identified. A novelcontrol scheme is proposed which involves a combination of control al-location and integral sliding mode techniques.

Control allocation (CA) is one approach which has the capability tomanage redundancy in over-actuated systems [3], [4]. In aircraft sys-tems for example, the idea is to design a controller based on a “vir-tual” system which provides the desired moments about the center ofmass [5]. The virtual control signal is then translated into actual con-trol surface deflections using CA. In terms of the “virtual” controllerdesign, many methods have been considered in the literature, includingLQR [5], and sliding mode control [6]–[8]. Classical sliding modes, asemployed in [6]–[8], consist of two phases: the initial reaching phase(prior to the attainment of a sliding mode), followed by the reduced

Manuscript received May 16, 2010; revised November 30, 2010; acceptedNovember 14, 2011. Date of publication December 16, 2011; date of currentversion June 22, 2012. The work of M. T. Hamayun was supported by COM-SATS. Recommended by Associate Editor A. Ferrara.

The authors are with the Department of Engineering, University of Leicester,Leicester LE1 7RH, U.K. (e-mail: [email protected]; [email protected];[email protected]).

Digital Object Identifier 10.1109/TAC.2011.2180090

1An example of this is the Propulsion Controlled Aircraft (PCA) experimentsconducted by NASA [2].

order sliding motion. During a sliding mode, the closed-loop system isinherently robust to faults in actuators which can be well modeled asmatched uncertainty. However this robustness is only achieved duringthe sliding motion.

To achieve a sliding mode throughout the entire system response,the concept of integral sliding modes (ISM) was proposed in [9], [10]and [11]. In this paper a novel combination of ISM and CA is pro-posed. This combination allows total failures for a certain subset of theactuators (as well as faults in all actuators) to be accounted for, sincesliding mode systems, in common with other traditional feedback sys-tems, are not capable of mitigating total actuator failures without someform of reconfiguration/accommodation. The proposed scheme usesthe measured or estimated effectiveness level of the actuators to re-distribute the control effort during faults/failures to maintain close tonominal closed-loop performance without reconfiguring the controller.The scheme proposed in this paper has certain advantages compared to[8], which is based on traditional sliding mode control methods. Animportant advantage is that the analysis of the closed-loop system isless complex and less conservative than the work in [8]. Furthermorethe stability test proposed in this paper allows a more effective syn-thesis procedure to be employed to compute the parameters involvedin the control law. In fact, a convex representation of the problem can beformulated to allow the use of LMI optimization to synthesize the con-troller, whereas the approach in [8] requires a “synthesis-followed-by-analysis” procedure. In this paper the synthesis and analysis is totallyintegrated.

II. SYSTEM DESCRIPTION AND PROBLEM FORMULATION

A LTI system with actuator faults/failures can be represented as

�� (1)

where the system and input matrices � � ��, � � ��,and � �� is a diagonal matrix. Thepair �� is assumed to be controllable. The time varying scalars�� model the effectiveness level of the actuators. If�� , it means that the �� actuator has no fault and is workingperfectly, whereas if � �� , an actuator fault is present i.e.,the actuator functions with reduced capability. If �� , actuator �has completely failed and the control input component �� has no effecton the system dynamics. This representation of actuator faults/failures,has been used by many researchers: see for example [12] and [13]. Thematrix � will be termed the efficiency matrix indicating the healthlevel of each actuator. Associate with (1) a set of controlled outputs

�� (2)

where � � �� and � � �. The variables �� are requiredto respond to desired (external) commands. In terms of “control-ling” these outputs only � independent actuators are needed toinduce the required closed-loop performance. The remaining � � �

actuators constitute redundancy and can be exploited to achievefault tolerance. In this paper an estimate of the actuator efficiency,� �� , where the scalars � �� ,will be used explicitly in the control law. One way to obtain anestimate of the actuator efficiency is by using a measurement of theactual actuator deflection compared to the demand. Such informationis typically available in many safety critical systems e.g., passengeraircraft [14]. In other situations � �� would need to be providedby a Fault Detection and Isolation (FDI) scheme. A sliding modeobserver based approach, proposed in [15], can be used to estimate� ��. Because of the properties of sliding mode observers, the error

0018-9286/$26.00 © 2011 IEEE

1784 IEEE TRANSACTIONS ON AUTOMATIC CONTROL, VOL. 57, NO. 7, JULY 2012

Fig. 1. Schematic of the overall control strategy.

system dynamics collapse in finite time, and do not introduce an extradynamical error loop which is advantageous. Kalman filter basedmethods have also been considered to create the estimates � ��, seefor example [16]. Whatever method is employed, the estimate � ��will not be perfect and in this paper the difference between the actualefficiency matrix � ��, and its estimate � �� is assumed to satisfy

� �� (3)

where �� . The unknown scalars�� model the level of imperfection in the fault esti-mation. The effect of this imperfection will be analyzed later in thepaper. In this paper a virtual control concept [5] for resolving actuatorredundancy will be employed. To this end, the matrix can bepartitioned as

��

�(4)

where � � ��, � � �� of rank � � . Here, as in [8],it is assumed that the elements of � have large magnitude comparedto ��, so that� represents the dominant contribution of the controlaction on the system compared to �. To create this separation, a per-mutation of the states must usually be undertaken. The virtual controlinput [5] is defined as

�� (5)

where �� can be interpreted as the total control effort producedby the actuators [5]. As in [8], once the partition of in (4) has beenachieved, scale the states so that �

�

� � ��. This can be achievedwithout loss of generality.

The control signal sent to the actuators is

�� (6)

where�� is a right pseudo-inverse of the matrix�. Thus

the matrix �� “distributes” the virtual control signal to the physical

actuators via (6). A generic choice of �� such that ��

is

��

� ��

� �� (7)

assuming ��

� � �� . In the special case when � �� ,

��

� . The overall control structure is given in Fig. 1.Define

� � ��

� ��

�

��

� � �� (8)

Because � � , it is possible that ��

� � �� even if up to � � of the entries �� in the matrix � ��: in other words,potentially up to � � can totally fail and yet ��

� � �� .However if more than � � entries are zero, then ��

and ��

� � � �. The set will be shown to constitute thefaults/failures for which closed-loop stability can be maintained.

Substituting (6) into (1) and using (7) results in

��

� ��

� ��

��

� ��

� �� (9)

with

��

� ��

� �� (10)

then (9) can be written as

��

� ��

��

��

�� (11)

where

� ��

��

� ��

� �� (12)

Notice that � �� is a pseudo inverse of � since �

� �� , for

all � �� . Furthermore in the special case when � �� , then

� ��

� ��

� ��

� . Whilst the pseudo inverse ��

defined in (7) is used for control allocation, the pseudo inverse � ��

defined in (12) plays a significant role in the closed-loop analysis whichfollows. Using the properties of pseudo inverses detailed in [17], asargued in [8], there exists a scalar �� such that

��

� ��

� �� (13)

for all � �� .In the case when the estimates of the efficiency are perfect (i.e.,

�� ), and when there are no faults present (i.e., � �� ),(11) simplifies to

��

�

�

��

�

�� (14)

since � ��

��

� . The nominal fault free (14) will be usedto design the control scheme. Suppose that by design of the partitionin (4), the pair �� associated with (14) is controllable, then thereexists a state feedback controller �� , so that the nominalsystem

�� (15)

is stable. The state feedback controller can be designed to achieve op-timality against some appropriate criteria. The choice of the matrix �

will be discussed in the sequel.


III. INTEGRAL SLIDING MODE CONTROLLER DESIGN

This section, develops a systematic design procedure for the syn-thesis of an ISM controller. There are two steps to design an ISM con-troller, first a sliding surface is designed, and then in the second step, acontrol law to induce and maintain a sliding motion is created.

A. Integral-Type Switching Surface Design

The integral sliding surface suggested in [11] for the system in (14)associated with the virtual control of input �� is defined by the set

� � �� (16)

where the switching function �� is defined as

��

�

�� (17)

and � � �� is design freedom. Notice that, at � � ��, the switchingfunction �� , and hence the reaching phase is eliminated[11]. It can be shown (see for example) [9] that the sliding motion asso-ciated with (17) is always nominally governed by �� indepen-dent of the choice of �. Recently, an approach was suggested for theselection of � which attempts to ameliorate the effects of unmatcheduncertainty [11]. In this paper

� �� (18)

is suggested. Notice that since by definition �� , this choice

of � has the property that

��

��

��

and so � defined in (18) is a specific choice of left-pseudo inverse of�� .

To include a tracking facility, the switching function (17) is aug-mented with a feedforward term ��, where �� is the referencesignal to track, and

� �� (19)

where � � �� is associated with the selected controlled outputs in(2). Ultimately the control laws �� and �� will also be augmentedwith this term. Define a modification to the switching function from(17) as

��

��

�

�� (20)

where � is defined in (18).Remark: The following analysis is novel compared to the ISM

schemes in [9]–[11], since the effects of faults and the actuator re-dundancy must be taken into account. As a consequence, the analysisin this section is quite distinct compared to the papers cited abovebecause of the incorporation of the ideas from control allocation toexploit the redundancy to ensure sliding can be maintained even in theface of certain total actuator failures.

In order to analyze the sliding motion associated with the surface in(20) and� in (18) in the presence of faults, compute the time derivativeof (20). It is easy to see

�� (21)

Substituting (11) in (21), and using the fact that �� , yields

�� (22)

The equivalent control [18], can be obtained by solving for � in �� which yields

�� (23)

Substituting the expression in (23) into equation (11) and adding andsubtracting �� yields

��

� �� (24)

where �� is defined in (14) and � in (11). Using � as defined in (18),further simplifying (24) gives

�� (25)

where

��

� ��

�� (26)

and

��

�� (27)

Remark: Notice in the case of perfect knowledge of the actuatorefficiency (i.e., �� ), and when there are no faults in the system(i.e., � �� ), the matrices ��

�� and ��

� ��

�� . Then using the fact that �� , (25) becomes

�� (28)

which is stable by design. Furthermore by choice of � , the controlledoutput �� . Equation (28) constitutes ideal fault free be-havior. However for the generic fault/failure case, the closed-loop sta-bility needs to be proven since the closed-loop system (25) depends onmatrices � �� and ��.

In the presence of faults/failures, the closed-loop system (assuminga sliding motion is maintained) is governed by

�� (29)

For the subsequent analysis, define a transfer function matrix

�� (30)

where �� . By construction, �� is stable, and define ascalar

�� (31)

Proposition 1: Assume the effectiveness gain estimate � �� is suf-ficiently accurate so that the condition �� holds, where ��is defined in (13) and �� . Then during a fault or failurecondition, for any � �� , the reduced order slidingmotion will be stable if:

��

�� (32)

where �� , �� and �� is as defined in (31).


Proof: The system in (29), which represents the sliding motioncan be written as:

�� (33)

�� (34)

where

�� (35)

In this form, the differential equation in (29) may be considered to bethe closed-loop dynamics of the negative feedback interconnection of�� and the “feedback gain” in (35). According to the small gain the-orem [19], if

� �� (36)

then (29) will be stable. From (26), it is clear that

��

��

� ��

Using the fact that �� , �� and also that in general

�� if � � � � [20], then

��

��

� �� (37)

This is well defined since �� . Since

�� and �� , inequality (37) becomes

��

�� (38)

Since �� , in conjunction with (38), it is clear that if in-equality (32) holds, the small gain condition (36) holds, and conse-quently the system in (29) is stable.

B. Integral Sliding Mode Control Laws

Now a sliding mode control law must be designed based on the vir-tual system (11) with respect to ��. The proposed control structurehas a form given by

�� (39)

where

�� (40)

The scaled unit vector

��

��if ��

� otherwise(41)

where �� is a scalar modulation function to enforce the slidingmotion. A suitable choice of �� will be described explicitly in thesequel.

Proposition 2: Suppose that

��

��(42)

where �� is defined in (13). If �� is chosen as

��

��(43)

where � is a positive scalar, then, the control law proposed in (39) sat-isfies the so-called reachability condition and sliding on � in (16) ismaintained.

Proof: Substituting (11) in (21) gives

�� (44)

Substituting for �� from (39)–(41) and using the fact that � ��

� ��, gives

��

��

� ��

��

� � � �� (45)

Consider the candidate Lyapunov function

� ��

�� (46)

The time derivative of the Lyapunov function along the trajectories sat-isfies

��

� ��

��

�

��

and therefore

��

�

�

� ��

� � ��

� � �� (47)

Substituting for � from (43) into (47) gives �� , which isthe standard �-reachability condition [21], and implies that the slidingmotion is maintained for all time.

Finally, using (6), (7), and (10) it follows that the control law is givenby

��

��

��

��

�� (48)

This is the actual control signal which will be sent to the actua-tors, and depends on the effectiveness levels. The proposed ISMcontroller (48) can deal with total actuator failures, provided that� �� and the conditions of Proposition 1 aresatisfied. The results developed in this section can be summarized inthe form of the following theorem:

Theorem 1: The system in (1) is closed-loop stable for any fault/failure combination belonging to � in (8) under the control law (48),if a feedback gain � can be found such that

��

��

where �� is defined in (31), �� , �� satisfies ��

where �� is defined in (12), and�� bounds the relative error in

the estimation of the effectiveness gains in (3).

C. Design of the Controller Gains

This section demonstrates one of the key advantages of this approachcompared to [8]. It will be demonstrated that the stability test in Propo-sition 1 is amenable to incorporation within a synthesis framework fordetermining the feedback gain � in (15). For the nominal system (15),


the matrix � must be chosen to stabilize �� . Since ��is assumed to be controllable, the LQR formulation adopted here seeksto minimize the cost function

� ��

�

��

where the matrices � and are symmetric positive definite matrices.This problem can be posed as an LMI optimization [22]: Minimize�� subject to

��

�� (49)

� � � (50)

where � �� with � � �� and � � ��.Since, in addition, the small gain stability condition (32) needs to be

satisfied, from the Bounded Real Lemma [22], the �� gain from � to�, which in this situation is equal to the�� norm of its transfer matrix�, satisfies � �� iff there exist � � � and � � � such that

��

� � �

��

� � ��

� � (51)

where � is defined in (27). Here, � is an a-priori fixed scalar gain whichmay be viewed as a tuning parameter. If

� ��

��

then the conditions of Theorem 1 are satisfied and closed-loop stabilityfor a fault/failure combination belonging to � is guaranteed.

The overall optimization process is: Minimize �� subject to

��

� � (52)

together with (49), (50), and (51). The matrix � is a slack variablewhich satisfies � � �� and therefore �� ).Finally the feedback gain � can be recovered as � � � ��.

IV. SIMULATION RESULTS

The problem of controlling the lateral axis of a large transport aircraft[23] will be used to demonstrate the effectiveness and feasibility of theproposed scheme. A linear model has been obtained around an oper-ating condition of straight and level flight at 263 000 kg, 92.6 m/s trueairspeed, and at an altitude of 600 m based on 25.6% of maximum thrustand at a 20 deg flap position. The states are �� , where � is rollangle (rad), � is sideslip angle (rad), � is yaw rate (rad/sec), and � is rollrate (rad/sec). The controlled outputs are �� , which means � � �.The available control surfaces are � � ��

� , which representanti-symmetric aileron deflection (rad), rudder deflection (rad) and dif-ferential aggregated engine pressure ratios (EPR). Note in this example� � � while � � �, and so in theory only two control inputs wouldbe required to force the controlled outputs to follow a commanded tra-jectory. Here the fact that three control inputs can be manipulated, in-dicates the existence of redundancy in the system which can be ex-ploited to achieve fault tolerance. The ordering of the states ensures�� . After scaling the states to ensure ��

�� the

state-space representation is

� �

� � ��

��

��

��

Fig. 2. Aileron-fault: plant states.

Fig. 3. Aileron-fault: actuator deflections.

� �

� � �

� ��

��

��

��

��

�

In a fault free scenario, i.e., in normal flight, the primary control sur-faces for � and � tracking are the ailerons and rudder respectively;however the engine thrust can be used as redundancy for both surfaces.Based on these assumptions, using a numerical search, it was found thata suitable bound for the scalar in (13) is �� . Consequentlythe maximum error in efficiency estimation which can be tolerated is �� . Here �� is chosen to satisfy this re-quirement which implies an upper bound on the relative error in !of 25%. It can be easily verified that �� . It canbe shown that in order to satisfy the requirements of Theorem 1, thescalar �� "�� must satisfy �� . Thenominal state feedback controller gain � associated with (15) has beendesigned using the LMI approach proposed in Section III-C. The nom-inal performance design matrices � and in (49) have been chosen as� � # $� � �� and � # $�� respectively. The choice


Fig. 4. Rudder offset-jam: plant states.

of � � �� in (51) results in �� and it can beverified that

��

��

and therefore the condition of Theorem 1 is satisfied2. Consequentlythe closed-loop stability of the system for any combination of faults� �� is ensured.

In the simulations which follow the linear aircraft model undertakesa turning manoeuvre, where the reference command requests a changein � to 25 deg during the period of time 60–90 sec, whilst a 0 degreference command is applied to � throughout. In some applicationsthe discontinuous controller can be applied directly. In this case it isnot possible, and the discontinuity in (41) is smoothed using the sig-moidal approximation [21], �� where the value of the pos-itive scalar � is chosen to be 0.001. An ideal sliding motion will notbe obtained in this situation, and instead the switching function ��will be forced into a boundary layer around � . This can be made arbi-trarily small by selecting � sufficiently small. The loss of ideal slidingresults in another (exogenous) signal, depending on ��, impactingon (25). However, the stability analysis of the sliding motion associ-ated with (29) is still valid. Figs. 2 and 3 show various levels of aileronfaults (from 0%–100%) each occurring at 80-sec in 15% increments.It can be seen that the CA systematically redistributes the control sig-nals to the rudder and the engines, while maintaining the same level oftracking performance as in the fault free condition.

Figs. 4 and 5 show the tracking performance of the states and thecontrol surface deflections, when a rudder jam occurs at 80-sec�� .In the failure case the control signal sent to the rudder is shutoff as theeffectiveness level vanishes. Although not shown, in all the simulatedscenarios, a sliding mode exists for the whole of the simulation period.

V. CONCLUSION

A novel ISM FTC scheme has been proposed in this paper. To handletotal actuator failures, integral sliding mode ideas are incorporated intoa control allocation framework, which has the capability to redistribute

2Choosing � � �� in (51) will guarantee that � � �� but willunnecessarily limit the nominal performance of the controller. Because of theconservatism resulting from the common solution to (49)–(51) a larger value of� has been used during the synthesis but this still results in � � ��, whichsatisfies the requirements of Theorem 1.

Fig. 5. Rudder offset-jam: actuator deflections.

the control effort among the healthy redundant actuators automaticallyin the case of faults/failures without reconfiguring the controller. Theestimation of the actuator effectiveness levels is a key source of in-formation for the control allocation scheme. A new stability analysisensures closed-loop stability of the system for a certain level of mis-match between the actual and the estimated fault and in fact the syn-thesis problem can be posed as a convex optimization in terms of theparameters of the controller. The efficiency of the proposed fault tol-erant scheme has been demonstrated through simulation based on faultscenarios in a large transport aircraft.

REFERENCES

[1] Y. Zhang and J. Jiang, “Bibliographical review on reconfigurablefault-tolerant control systems,” Annu. Rev. Control, vol. 32, no. 2, pp.229–252, 2008.

[2] T. Tucker, Touchdown: The Development of Propulsion ControlledAircraft at NASA Dryden 1999, Monographs in Aerospace History,no 16.

[3] J. Boskovic and R. Mehra, “Control allocation in overactuated aircraftunder position and rate limiting,” in Proc. Amer. Control Conf., An-chorage, AK, 2002, vol. 1, pp. 791–796.

[4] J. Davidson, F. Lallman, and W. Bundick, “Real-time adaptive controlallocation applied to a high performance aircraft,” in Proc. 5th SIAMConf. Control and Its Application, San Diego, CA, 2001.

[5] O. Härkegård and S. T. Glad, “Resolving actuator redundancy – Op-timal control vs. control allocation,” Automatica, vol. 41, no. 1, pp.137–144, 2005.

[6] R. Hess and S. Wells, “Sliding mode control applied to reconfigurableflight control design,” J. Guidance, Control and Dynam., vol. 26, no.3, pp. 452–462, 2003.

[7] Y. Shtessel, J. Buffington, and S. Banda, “Tailless aircraft flight controlusing multiple time scale re-configurable sliding modes,” IEEE Trans.Control Syst. Technol., vol. 10, no. 2, pp. 288–296, Mar. 2002.

[8] H. Alwi and C. Edwards, “Fault tolerant control using sliding modeswith on-line control allocation,” Automatica, vol. 44, no. 7, pp.1859–1866, 2008.

[9] V. Utkin and J. Shi, “Integral sliding mode in systems operating underuncertainty conditions,” in Proc. 35th IEEE Conf. Decision and Con-trol, 1996, pp. 4591–4596.

[10] W. Cao and J. Xu, “Nonlinear integral type sliding surface for bothmatched and unmatched uncertain systems,” IEEE Trans. Autom. Con-trol, vol. 49, no. 8, pp. 1355–1360, Aug. 2004.

[11] F. Castanos and L. Fridman, “Analysis and design of integral slidingmanifolds for systems with unmatched perturbations,” IEEE Trans.Autom. Control, vol. 51, no. 5, pp. 853–858, May 2006.

[12] Y. Zhang and J. Jiang, “Fault tolerant control system design with ex-plicit consideration of performance degradation,” IEEE Trans. Aerosp.Electron. Syst., vol. 39, no. 3, pp. 838–848, Mar. 2003.


[13] G. Tao, S. M. Joshi, and X. Ma, “Adaptive state feedback and trackingcontrol of systems with actuator failures,” IEEE Trans. Autom. Control,vol. 46, no. 1, pp. 78–95, Jan. 2001.

[14] D. Brière and P. Traverse, “Airbus A320/A330/A340 electrical flightcontrols: A family of fault-tolerant systems,” in Dig. Papers FTCS-23,Proc. 23rd Int. Symp. Fault-Tolerant Computing, 1993, pp. 616–623.

[15] H. Alwi and C. Edwards, “Sliding mode FTC with on-line control allo-cation,” in Proc. 45th IEEE CDC, San Diego, CA, 2006, pp. 775–795.

[16] N. Wu, Y. Zhang, and K. Zhou, “Detection, estimation, and accom-modation of loss of control effectiveness,” Int. J. Adapt. Control andSignal Process., vol. 14, no. 7, pp. 775–795, 2000.

[17] G. Stewart, “On scaled projections and pseudoinverses,” Linear Al-gebra and its Applic., vol. 112, pp. 189–193, 1989.

[18] V. Utkin, J. Guldner, and J. Shi, Sliding Mode Control in Electro-mechanical Systems. London, U.K.: Taylor and Francis, 1999.

[19] H. Khalil, Nonlinear Systems. Englewood Cliffs, NJ.: Prentice-Hall,1992.

[20] R. A. Horn and C. R. Johnson, Matrix Analysis. Cambridge, U.K.:Cambridge Univ. Press, 1990.

[21] C. Edwards and S. Spurgeon, Sliding Mode Control, Theory and Ap-plications. New York: Taylor and Francis, 1998.

[22] S. Boyd, L. Ghaoui, E. Feron, and V. Balakrishnan, Linear Matrix In-equilities in System and Control Theory. Philadelphia, PA: SIAM,1994.

[23] C. Edwards, T. Lombaerts, and H. Smaili, Fault Tolerant FlightControl: A Benchmark Challenge. Berlin/Heidelberg, Germany:Springer-Verlag, 2010, vol. 399.

Hierarchical Cucker-Smale ModelSubject to Random Failure

Federico Dalmao and Ernesto Mordecki

Abstract—Consider a system of autonomous interacting agents in ,where each agent adjusts its velocity according to its own past velocity anda weighted mean of the relative velocities of its superiors in a certain pre-scribed hierarchy. Furthermore, each agent, at each time step, can fail tosee any of its superiors with a certain probability, the failure rate proba-bility. We prove that for agent interactions with linear or sub-linear dis-tance dependent rate of decay, the flocking results valid for the non-failuredeterministic model introduced by Shen [8] also hold true, independentlyof the failure rate probability.

Index Terms— Cucker–Smale flocking.

I. INTRODUCTION AND MAIN RESULT

The mathematical modeling of collective behavior in a group of au-tonomous interacting agents arises in many different fields, a centralquestion being the asymptotic behavior of the system. A relevant con-tribution in this field was recently made by Shen in the article “Cucker-Smale flocking under hierarchical leadership” [8], where he introducesa variant of the seminal Cucker-Smale model [3], considering hier-archical rules of connectivity, instead of the “all against all” connec-

Manuscript received August 18, 2010; revised February 24, 2011 and July14, 2011; accepted November 19, 2011. Date of publication February 22, 2012;date of current version June 22, 2012. Recommended by Associate Editor P.Tsiotras.

F. Dalmao is with the Universidad de la Republica, Sede Salto, Salto 50000,Uruguay (e-mail: [email protected]).

E. Mordecki is with the Centro de Matemática, Facultad de Ciencias, Univer-sidad de la República. Montevideo 11400, Uruguay (e-mail: [email protected]).

Digital Object Identifier 10.1109/TAC.2012.2188440

tivity scheme of [3], preserving the interaction strength between pairsof agents as a power decaying function of its relative distance. The rele-vance of Cucker and Smale proposal relies on the fact that, maintainingessential characteristics of the modeled situation (a flock of birds intheir work), and letting aside others (as the volume of the agents or itsdifference in weights), gives the possibility of a mathematical treatmentof the behavior of the system.

Observe that Cucker and Smale propose a symmetric interactivemodel, with all agents playing an identical rôle, whereas Shen ranksthe agents in a leadership scheme, covering different applications,as he discuses in [8]. Furthermore, the symmetric model has beenlargely considered (see [1], [4]–[6] and the references therein), whilethe hierarchical case has been less studied, to our knowledge the onlyreference being [2].

In this technical note, departing from the Hierarchical Cucker-Smalemodel proposed by Shen in [8], we analyze the situation in whicheach interaction is subject to random failure. Our main result statesthat the convergence type result obtained in [8] holds in our frame-work, with probability one, in the case of agent interactions with linearor sub-linear distance dependent rate of decay (� � � � �, seeTheorem 1).

Consider then a system of � agents with positions and velocities de-noted respectively by � � �� and � � �� . Allindividual positions and velocities are vectors in �, and we refer to �and � as the position and velocity of the system respectively.

Assume that the system evolves under hierarchical leadership, fol-lowing the discrete-time dynamic:

��

��

(1)

where � �� , � � is the time step, �� are the weightingcoefficients, �� if � � , and �� is the leaderset of the agent , assumed to be fixed in time and non empty for � .Model (1) was introduced by Shen in [8] under the denomination ofCucker-Smale model under Hierarchical Leadership.

In this framework we introduce the possibility that each agent , ateach time step, can fail to see any of its superiors in the hierarchy, in theset ��. These failures are assumed to be random, independent with afixed failure rate probability � � �� . More precisely, the weightingcoefficients in (1), for each pair of agents � with � � ��, aregiven by

��

�

�� (2)

where �� are independent and identically distributedBernoulli random variables with success probability �� , i.e.

��

��

Here and denote probability and expectation respectively, and the(random) event �� means that agent fails to (resp.does) see agent � at time step �.

The factor �� in (2), with � � � � � and

�� the Euclidean distance between agents and �, is theCucker-Smale coefficient introduced in [3].

The purpose of our work is to find conditions under which, for largetimes, all agent velocities become equal, with fixed relative positions.Following Cucker and Smale [3] and Shen [8], this asymptotic behavioris called flocking. Observe that, as a consequence of the presence ofrandom failures, we can not expect to have flocking in all possible re-alizations, as in the case when all the connections fail all the time. Thisis a natural situation when dealing with convergence of random vari-

0018-9286/$31.00 © 2012 IEEE

Documents

Design and Analysis of an Integral Sliding Mode Fault-Tolerant Control Scheme